Bug 1847016

Summary: [OSP 16] os-brick patch for CVE-2020-10755
Product: Red Hat OpenStack Reporter: Brian Rosmaita <brian.rosmaita>
Component: python-os-brickAssignee: Brian Rosmaita <brian.rosmaita>
Status: CLOSED ERRATA QA Contact: Tzach Shefi <tshefi>
Severity: medium Docs Contact:
Priority: medium    
Version: 16.1 (Train)CC: achernet, apevec, drosenfe, eharney, jschluet, jslagle, lhh, ltoscano, mburns, pgrist
Target Milestone: z2Keywords: OtherQA, Triaged
Target Release: 16.1 (Train on RHEL 8.2)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: python-os-brick-2.10.4-0.20200624084657.12d252d.el8ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1846478
: 1847021 1847024 (view as bug list) Environment:
Last Closed: 2020-10-28 15:37:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1842751    

Description Brian Rosmaita 2020-06-15 12:57:14 UTC 
The fix for CVE-2020-10755 requires either a patched or updated os-brick release.

See https://access.redhat.com/security/cve/CVE-2020-10755 for details.

This is fixed upstream for Train in os-brick release 2.10.3
Comment 5 Brian Rosmaita 2020-08-10 13:42:13 UTC 
Fix is available in upstream stable/train as commits 55fc99852166f72b95d85dc917197f5544861e7c and 12d252db9cb9deffea3c87b86ea71b3013d93892; also as os-brick release 2.10.4
Comment 13 errata-xmlrpc 2020-10-28 15:37:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat OpenStack Platform 16.1 bug fix and enhancement advisory), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:4284